Blame - include/authsrv.h - plan9

blob: 1149a212082856737ca55ffb17d99ecba8b4e8d8 [file] [log] [blame]

rsc	2277c5d	2004-03-21 04:33:13 +0000	[diff] [blame]	1	#ifndef __AUTHSRV_H__
				2	#define __AUTHSRV_H__ 1
				3	#ifdef __cplusplus
				4	extern "C" {
				5	#endif
				6	/*
				7	#pragma src "/sys/src/libauthsrv"
				8	#pragma lib "libauthsrv.a"
				9	*/
				10
				11	/*
				12	* Interface for talking to authentication server.
				13	*/
				14	typedef struct Ticket Ticket;
				15	typedef struct Ticketreq Ticketreq;
				16	typedef struct Authenticator Authenticator;
				17	typedef struct Nvrsafe Nvrsafe;
				18	typedef struct Passwordreq Passwordreq;
				19	typedef struct OChapreply OChapreply;
				20	typedef struct OMSchapreply OMSchapreply;
				21
				22	enum
				23	{
				24	ANAMELEN= 28, /* maximum size of name in previous proto */
				25	AERRLEN= 64, /* maximum size of errstr in previous proto */
				26	DOMLEN= 48, /* length of an authentication domain name */
				27	DESKEYLEN= 7, /* length of a des key for encrypt/decrypt */
				28	CHALLEN= 8, /* length of a plan9 sk1 challenge */
				29	NETCHLEN= 16, /* max network challenge length (used in AS protocol) */
				30	CONFIGLEN= 14,
				31	SECRETLEN= 32, /* max length of a secret */
				32
				33	KEYDBOFF= 8, /* length of random data at the start of key file */
				34	OKEYDBLEN= ANAMELEN+DESKEYLEN+4+2, /* length of an entry in old key file */
				35	KEYDBLEN= OKEYDBLEN+SECRETLEN, /* length of an entry in key file */
				36	OMD5LEN= 16,
				37	};
				38
				39	/* encryption numberings (anti-replay) */
				40	enum
				41	{
				42	AuthTreq=1, /* ticket request */
				43	AuthChal=2, /* challenge box request */
				44	AuthPass=3, /* change password */
				45	AuthOK=4, /* fixed length reply follows */
				46	AuthErr=5, /* error follows */
				47	AuthMod=6, /* modify user */
				48	AuthApop=7, /* apop authentication for pop3 */
				49	AuthOKvar=9, /* variable length reply follows */
				50	AuthChap=10, /* chap authentication for ppp */
				51	AuthMSchap=11, /* MS chap authentication for ppp */
				52	AuthCram=12, /* CRAM verification for IMAP (RFC2195 & rfc2104) */
				53	AuthHttp=13, /* http domain login */
				54	AuthVNC=14, /* VNC server login (deprecated) */
				55
				56
				57	AuthTs=64, /* ticket encrypted with server's key */
				58	AuthTc, /* ticket encrypted with client's key */
				59	AuthAs, /* server generated authenticator */
				60	AuthAc, /* client generated authenticator */
				61	AuthTp, /* ticket encrypted with client's key for password change */
				62	AuthHr, /* http reply */
				63	};
				64
				65	struct Ticketreq
				66	{
				67	char type;
				68	char authid[ANAMELEN]; /* server's encryption id */
				69	char authdom[DOMLEN]; /* server's authentication domain */
				70	char chal[CHALLEN]; /* challenge from server */
				71	char hostid[ANAMELEN]; /* host's encryption id */
				72	char uid[ANAMELEN]; /* uid of requesting user on host */
				73	};
				74	#define TICKREQLEN (3*ANAMELEN+CHALLEN+DOMLEN+1)
				75
				76	struct Ticket
				77	{
				78	char num; /* replay protection */
				79	char chal[CHALLEN]; /* server challenge */
				80	char cuid[ANAMELEN]; /* uid on client */
				81	char suid[ANAMELEN]; /* uid on server */
				82	char key[DESKEYLEN]; /* nonce DES key */
				83	};
				84	#define TICKETLEN (CHALLEN+2*ANAMELEN+DESKEYLEN+1)
				85
				86	struct Authenticator
				87	{
				88	char num; /* replay protection */
				89	char chal[CHALLEN];
				90	ulong id; /* authenticator id, ++'d with each auth */
				91	};
				92	#define AUTHENTLEN (CHALLEN+4+1)
				93
				94	struct Passwordreq
				95	{
				96	char num;
				97	char old[ANAMELEN];
				98	char new[ANAMELEN];
				99	char changesecret;
				100	char secret[SECRETLEN]; /* new secret */
				101	};
				102	#define PASSREQLEN (2*ANAMELEN+1+1+SECRETLEN)
				103
				104	struct OChapreply
				105	{
				106	uchar id;
				107	char uid[ANAMELEN];
				108	char resp[OMD5LEN];
				109	};
				110
				111	struct OMSchapreply
				112	{
				113	char uid[ANAMELEN];
				114	char LMresp[24]; /* Lan Manager response */
				115	char NTresp[24]; /* NT response */
				116	};
				117
				118	/*
				119	* convert to/from wire format
				120	*/
				121	extern int convT2M(Ticket, char, char*);
				122	extern void convM2T(char, Ticket, char*);
				123	extern void convM2Tnoenc(char, Ticket);
				124	extern int convA2M(Authenticator, char, char*);
				125	extern void convM2A(char, Authenticator, char*);
				126	extern int convTR2M(Ticketreq, char);
				127	extern void convM2TR(char, Ticketreq);
				128	extern int convPR2M(Passwordreq, char, char*);
				129	extern void convM2PR(char, Passwordreq, char*);
				130
				131	/*
				132	* convert ascii password to DES key
				133	*/
				134	extern int opasstokey(char, char);
				135	extern int passtokey(char, char);
				136
				137	/*
				138	* Nvram interface
				139	*/
				140	enum {
				141	NVwrite = 1<<0, /* always prompt and rewrite nvram */
				142	NVwriteonerr = 1<<1, /* prompt and rewrite nvram when corrupt */
				143	};
				144
				145	struct Nvrsafe
				146	{
				147	char machkey[DESKEYLEN];
				148	uchar machsum;
				149	char authkey[DESKEYLEN];
				150	uchar authsum;
				151	char config[CONFIGLEN];
				152	uchar configsum;
				153	char authid[ANAMELEN];
				154	uchar authidsum;
				155	char authdom[DOMLEN];
				156	uchar authdomsum;
				157	};
				158
				159	extern uchar nvcsum(void*, int);
				160	extern int readnvram(Nvrsafe*, int);
				161
				162	/*
				163	* call up auth server
				164	*/
				165	extern int authdial(char netroot, char authdom);
				166
				167	/*
				168	* exchange messages with auth server
				169	*/
				170	extern int _asgetticket(int, char, char);
				171	extern int _asrdresp(int, char*, int);
				172	extern int sslnegotiate(int, Ticket, char, char*);
				173	extern int srvsslnegotiate(int, Ticket, char, char*);
				174	#ifdef __cplusplus
				175	}
				176	#endif
				177	#endif